diff options
author | Rafael Bodill <rafi@sortex.co.il> | 2014-09-28 19:23:13 +0200 |
---|---|---|
committer | Rafael Bodill <rafi@sortex.co.il> | 2014-09-28 19:23:13 +0200 |
commit | 4edab80a15cad1a479d110f6b7e782e1b434763d (patch) | |
tree | 1f53d82265a95e9d4e431850b7b82fc950dc5801 | |
parent | 40fa09dcf09611afb34434a5c5c087b64f3fe8b6 (diff) |
file/cron: Protecting identifiers
-rw-r--r-- | application/controllers/file.php | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/application/controllers/file.php b/application/controllers/file.php index ddb7a38cf..329a0bdf7 100644 --- a/application/controllers/file.php +++ b/application/controllers/file.php @@ -1004,7 +1004,8 @@ class File extends MY_Controller { $query = $this->db->select('hash, id, user') ->from('files') ->where('date <', $oldest_time) - ->or_where("(user = 0 AND date < $oldest_session_time)") + ->or_where('('.$this->db->_protect_identifiers('user').' = 0 AND ' + .$this->db->_protect_identifiers('date')." < $oldest_session_time)") ->get()->result_array(); foreach($query as $row) { |